Messaging
cancel
Showing results for 
Search instead for 
Did you mean: 

Ownership of files executed through Mail aliases file

jk31214
Occasional Contributor

Ownership of files executed through Mail aliases file

I'm trying to meet some system security requirments for my 11i v2 box, but I'm having trouble determining one requirement.

 

"Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root"

 

Does this mean that only root should be listed after the : for each alias in /etc/mail/aliases ?

1 REPLY
Matti_Kurkela
Honored Contributor

Re: Ownership of files executed through Mail aliases file

I think it means: "if you have mail aliases that cause the mail to be piped to programs or scripts, those programs must be owned by root and located in a directory owned & writable by root only." (Yes, you can use aliases to pipe incoming mail to programs or scripts!)

 

For example, if you have an alias like this: (example from chapter 24.4, Special Aliases of the 2nd edition of Sendmail by O'Reilly)

mail-errors: "|/etc/mail/filter postmaster"

 ... then you must verify that /etc/mail/filter is owned by root and /etc/mail is owned and writable by root only.

 

If you don't have any executable aliases (the default /etc/mail/aliases certainly does not have any), then you don't have to do anything to comply with this requirement.

MK